aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--manifests/classes/postfix-mailman.pp2
-rw-r--r--manifests/classes/postfix-mta.pp4
-rw-r--r--manifests/classes/postfix.pp19
-rw-r--r--manifests/definitions/hash.pp36
-rw-r--r--manifests/definitions/mailalias.pp32
-rw-r--r--templates/master.cf.debian-etch.erb64
-rw-r--r--templates/master.cf.redhat5.erb2
7 files changed, 107 insertions, 52 deletions
diff --git a/manifests/classes/postfix-mailman.pp b/manifests/classes/postfix-mailman.pp
index c6c7981..cba0848 100644
--- a/manifests/classes/postfix-mailman.pp
+++ b/manifests/classes/postfix-mailman.pp
@@ -15,7 +15,7 @@
# }
#
class postfix::mailman {
- $postfix_ng_smtp_listen = "0.0.0.0"
+ $postfix_smtp_listen = "0.0.0.0"
include postfix
postfix::config {
diff --git a/manifests/classes/postfix-mta.pp b/manifests/classes/postfix-mta.pp
index ff94c91..c36c0bc 100644
--- a/manifests/classes/postfix-mta.pp
+++ b/manifests/classes/postfix-mta.pp
@@ -2,7 +2,7 @@
# == Class: postfix::mta
#
# This class configures a minimal MTA, listening on
-# $postfix_ng_smtp_listen (default to localhost) and delivering mail to
+# $postfix_smtp_listen (default to localhost) and delivering mail to
# $postfix_mydestination (default to $fqdn).
#
# A valid relay host is required ($postfix_relayhost) for outbound email.
@@ -19,7 +19,7 @@
#
# node "toto.example.com" {
# $postfix_relayhost = "mail.example.com"
-# $postfix_ng_smtp_listen = "0.0.0.0"
+# $postfix_smtp_listen = "0.0.0.0"
# $postfix_mydestination = "\$myorigin, myapp.example.com"
#
# include postfix::mta
diff --git a/manifests/classes/postfix.pp b/manifests/classes/postfix.pp
index a413664..36089a6 100644
--- a/manifests/classes/postfix.pp
+++ b/manifests/classes/postfix.pp
@@ -20,7 +20,7 @@ class postfix {
# selinux labels differ from one distribution to another
case $operatingsystem {
- RedHat: {
+ RedHat, CentOS: {
case $lsbmajdistrelease {
"4": { $postfix_seltype = "etc_t" }
"5": { $postfix_seltype = "postfix_etc_t" }
@@ -34,8 +34,8 @@ class postfix {
}
# Default value for various options
- case $postfix_ng_smtp_listen {
- "": { $postfix_ng_smtp_listen = "127.0.0.1" }
+ case $postfix_smtp_listen {
+ "": { $postfix_smtp_listen = "127.0.0.1" }
}
case $root_mail_recipient {
"": { $root_mail_recipient = "nobody" }
@@ -85,10 +85,13 @@ class postfix {
file { "/etc/postfix/master.cf":
ensure => present,
owner => "root",
+ group => "root",
mode => "0644",
content => $operatingsystem ? {
Redhat => template("postfix/master.cf.redhat5.erb"),
- Debian,Ubuntu => template("postfix/master.cf.debian-etch.erb"),
+ CentOS => template("postfix/master.cf.redhat5.erb"),
+ Debian => template("postfix/master.cf.debian-etch.erb"),
+ Ubuntu => template("postfix/master.cf.debian-etch.erb"),
},
seltype => $postfix_seltype,
notify => Service["postfix"],
@@ -99,8 +102,9 @@ class postfix {
file { "/etc/postfix/main.cf":
ensure => present,
owner => "root",
+ group => "root",
mode => "0644",
- source => "puppet:///postfix/main.cf",
+ source => "puppet:///modules/postfix/main.cf",
replace => false,
seltype => $postfix_seltype,
notify => Service["postfix"],
@@ -115,7 +119,7 @@ class postfix {
}
case $operatingsystem {
- RedHat: {
+ RedHat, CentOS: {
postfix::config {
"sendmail_path": value => "/usr/sbin/sendmail.postfix";
"newaliases_path": value => "/usr/bin/newaliases.postfix";
@@ -124,8 +128,7 @@ class postfix {
}
}
- mailalias {"root":
+ postfix::mailalias {"root":
recipient => $root_mail_recipient,
- notify => Exec["newaliases"],
}
}
diff --git a/manifests/definitions/hash.pp b/manifests/definitions/hash.pp
index a0514ee..c8bb7c7 100644
--- a/manifests/definitions/hash.pp
+++ b/manifests/definitions/hash.pp
@@ -5,11 +5,10 @@ Creates postfix hashed "map" files. It will create "${name}", and then build
"${name}.db" using the "postmap" command. The map file can then be referred to
using postfix::config.
-Note: the content of the file is not managed by this definition.
-
Parameters:
- *name*: the name of the map file.
-- *ensure*: present/absent, defaults to present
+- *ensure*: present/absent, defaults to present.
+- *source*: file source.
Requires:
- Class["postfix"]
@@ -29,12 +28,12 @@ Example usage:
}
*/
-define postfix::hash ($ensure="present") {
+define postfix::hash ($ensure="present", $source = false) {
# selinux labels differ from one distribution to another
case $operatingsystem {
- RedHat: {
+ RedHat, CentOS: {
case $lsbmajdistrelease {
"4": { $postfix_seltype = "etc_t" }
"5": { $postfix_seltype = "postfix_etc_t" }
@@ -47,11 +46,28 @@ define postfix::hash ($ensure="present") {
}
}
- file {"${name}":
- ensure => $ensure,
- mode => 600,
- seltype => $postfix_seltype,
- require => Package["postfix"],
+ case $source {
+ false: {
+ file {"${name}":
+ ensure => $ensure,
+ mode => 600,
+ owner => root,
+ group => root,
+ seltype => $postfix_seltype,
+ require => Package["postfix"],
+ }
+ }
+ default: {
+ file {"${name}":
+ ensure => $ensure,
+ mode => 600,
+ owner => root,
+ group => root,
+ source => $source,
+ seltype => $postfix_seltype,
+ require => Package["postfix"],
+ }
+ }
}
file {"${name}.db":
diff --git a/manifests/definitions/mailalias.pp b/manifests/definitions/mailalias.pp
new file mode 100644
index 0000000..0d457e7
--- /dev/null
+++ b/manifests/definitions/mailalias.pp
@@ -0,0 +1,32 @@
+/*
+== Definition: postfix::mailalias
+
+Wrapper around Puppet mailalias resource, provides newaliases executable.
+
+Parameters:
+- *name*: the name of the alias.
+- *ensure*: present/absent, defaults to present.
+- *recipient*: recipient of the alias.
+
+Requires:
+- Class["postfix"]
+
+Example usage:
+
+ node "toto.example.com" {
+
+ include postfix
+
+ postfix::mailalias { "postmaster":
+ ensure => present,
+ recipient => 'foo'
+ }
+
+*/
+define mailalias ($ensure = 'present', $recipient) {
+ mailalias { "${name}":
+ ensure => $ensure,
+ recipient => $recipient,
+ notify => Exec['newaliases']
+ }
+}
diff --git a/templates/master.cf.debian-etch.erb b/templates/master.cf.debian-etch.erb
index aa5f34f..e6bc4ec 100644
--- a/templates/master.cf.debian-etch.erb
+++ b/templates/master.cf.debian-etch.erb
@@ -7,7 +7,8 @@
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
-<%= postfix_ng_smtp_listen %>:smtp inet n - - - - smtpd
+<% if postfix_smtp_listen == 'all' %>smtp inet n - - - - smtpd
+<% else %><%= postfix_smtp_listen %>:smtp inet n - - - - smtpd<% end %>
#submission inet n - - - - smtpd
# -o smtpd_enforce_tls=yes
# -o smtpd_sasl_auth_enable=yes
@@ -74,33 +75,36 @@ scalemail-backend unix - n n - 2 pipe
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
+<% if postfix_use_amavisd == 'yes' %>
+amavis unix - - - - 2 smtp
+ -o smtp_data_done_timeout=1200
+ -o smtp_send_xforward_command=yes
-
-# Amavis
-<% if (postfix_amavis == "true" ) -%>
-
-## http://www.freespamfilter.org/FC4.html#_Toc110999176
-
-smtp-amavis unix - - y - 2 smtp
- -o smtp_data_done_timeout=1200
- -o smtp_send_xforward_command=yes
- -o disable_dns_lookups=yes
-
-127.0.0.1:10025 inet n - y - - smtpd
- -o content_filter=
- -o local_recipient_maps=
- -o relay_recipient_maps=
- -o smtpd_restriction_classes=
- -o smtpd_helo_restrictions=
- -o smtpd_sender_restrictions=
- -o smtpd_recipient_restrictions=permit_mynetworks,reject
- -o mynetworks=127.0.0.0/8
- -o strict_rfc821_envelopes=yes
- -o smtpd_error_sleep_time=0
- -o smtpd_soft_error_limit=1001
- -o smtpd_hard_error_limit=1000
- -o receive_override_options=no_header_body_checks
-<% else -%>
-# Amavis not configured
-<% end -%>
-
+127.0.0.1:10025 inet n - - - - smtpd
+ -o content_filter=
+ -o local_recipient_maps=
+ -o relay_recipient_maps=
+ -o smtpd_restriction_classes=
+ -o smtpd_client_restrictions=
+ -o smtpd_helo_restrictions=
+ -o smtpd_sender_restrictions=
+ -o smtpd_recipient_restrictions=permit_mynetworks,reject
+ -o mynetworks=127.0.0.0/8
+ -o strict_rfc821_envelopes=yes
+ -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
+ -o smtpd_bind_address=127.0.0.1
+<% end %>
+<% if postfix_use_dovecot_lda == 'yes' %>
+dovecot unix - n n - - pipe
+ flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ${recipient}
+<% end %>
+<% if postfix_use_schleuder == 'yes' %>
+schleuder unix - n n - - pipe
+ flags=DRhu user=schleuder argv=/usr/bin/schleuder ${user}
+<% end %>
+<% if postfix_use_sympa == 'yes' %>
+sympa unix - n n - - pipe
+ flags=R user=sympa argv=/usr/lib/sympa/bin/queue ${recipient}
+sympabounce unix - n n - - pipe
+ flags=R user=sympa argv=/usr/lib/sympa/bin/bouncequeue ${user}
+<% end %>
diff --git a/templates/master.cf.redhat5.erb b/templates/master.cf.redhat5.erb
index 08564b2..8c3ee53 100644
--- a/templates/master.cf.redhat5.erb
+++ b/templates/master.cf.redhat5.erb
@@ -7,7 +7,7 @@
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
-<%= postfix_ng_smtp_listen %>:smtp inet n - n - - smtpd
+<%= postfix_smtp_listen %>:smtp inet n - n - - smtpd
#smtp inet n - n - - smtpd
#submission inet n - n - - smtpd
# -o smtpd_enforce_tls=yes